Jeffrey Altman wrote:
I think we need to take a very close look at the situations when it is
safe to replace memset(buf,0,sizeof(buf)) with
OPENSSL_cleanse(buf,sizeof(buf)).
It is clearly safe to make this replacement when the buffer is a stack
allocation because there can be no future use of
Subject: Re: Concerns about the use of OPENSSL_cleanse()
Jeffrey Altman wrote:
I think we need to take a very close look at the situations when it is
safe to replace memset(buf,0,sizeof(buf)) with
OPENSSL_cleanse(buf,sizeof(buf)).
It is clearly safe to make this replacement when
However, this is not true for data structures that are located on the
heap. In many cases OpenSSL provides functions that allow a buffer to
be reused: XXX_init(), XXX_cleanup(), XXX_free(). This is true for
several data structures. By replacing memset() with OPENSSL_cleanse()
in the
Rich Salz wrote:
Hmm, so OpenSSL is depending on NULL being all-bytes-zero. :)
Funny about that. :-)
Probably a safe assumption, although theoretically you shouldn't do that.
It really wouldn't matter what assumption you made. At some point there
needs to be a test:
Is this structure
Hello,
On December 9, 2002 01:17 am, Wirta Ville wrote:
Just a humble opinion on that problem. How about adding a normal
memset to be the last action that OPENSSL_cleanse() does? Would that
make any kind of sense or improvement? That way the compiler would have
to make sure OpenSSL can
Jeffrey Altman wrote:
I think we need to take a very close look at the situations when
it is safe to replace memset(buf,0,sizeof(buf)) with
OPENSSL_cleanse(buf,sizeof(buf)). It is clearly safe to make this
[snip]
Ben OPENSSL_cleanse() should be followed by a memset()? OTOH, if the
For y'all that have concerns about this: I'll take a look tomorrow,
and see what I may have done wrong (not an excluded possibility :-)).
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN
Good morning great OpenSSL developers!
Just a humble opinion on that problem. How about adding a normal memset to
be the last action that OPENSSL_cleanse() does? Would that make any kind of
sense or improvement? That way the compiler would have to make sure OpenSSL
can safely expect to find a